Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/023f71-fa9b-48ec-b838-043ba4418ce9/1/vX_I4REoxcWj0uvoUrfUhDj35qE.roa
File: vX_I4REoxcWj0uvoUrfUhDj35qE.roa (raw, json)
Hash identifier: RiGaDnJAJU/Y0GRbDYZmpRGnFqkxwHZULpdnT6xRz90=
Subject key identifier: BD:7F:C8:E1:11:28:C5:C5:A3:D2:EB:E8:52:B7:D4:84:38:F7:E6:A1
Certificate issuer: /CN=7509f20e19fea6a79e68ad228bdb85cc9df93ab9
Certificate serial: 01856DCB08995685FE7AD3BE918FCF5F37E9
Authority key identifier: 75:09:F2:0E:19:FE:A6:A7:9E:68:AD:22:8B:DB:85:CC:9D:F9:3A:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQnyDhn-pqeeaK0ii9uFzJ35Ork.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/023f71-fa9b-48ec-b838-043ba4418ce9/1/vX_I4REoxcWj0uvoUrfUhDj35qE.roa
Signing time: Sun 01 Jan 2023 14:45:00 +0000
ROA not before: Sun 01 Jan 2023 14:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35756
IP address blocks: 195.10.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:08:99:56:85:fe:7a:d3:be:91:8f:cf:5f:37:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7509f20e19fea6a79e68ad228bdb85cc9df93ab9
Validity
Not Before: Jan 1 14:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd7fc8e11128c5c5a3d2ebe852b7d48438f7e6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cf:fd:6c:3a:1e:95:14:3a:da:fd:39:65:4e:
c2:19:db:f9:63:3f:83:80:4c:19:6f:28:a2:b7:1c:
0e:e3:28:26:a5:d8:f9:fe:5e:87:74:52:87:b5:27:
b2:0e:43:7b:60:5d:11:0c:fc:ab:58:21:b6:5e:43:
5d:cf:e3:24:b0:d2:a7:34:8d:d0:50:be:97:47:6b:
91:bb:f2:8b:d1:2a:1e:7f:d5:53:35:c5:24:b0:59:
64:f5:95:b8:4a:64:01:c5:21:1f:05:5b:65:86:eb:
de:c3:35:ce:92:f3:7b:c3:c6:16:88:6d:da:91:2d:
f9:96:b0:ee:4e:00:4c:19:3f:8d:7f:00:18:ba:e6:
53:ef:0c:8b:68:37:51:05:0b:ce:3a:de:d2:18:32:
ae:4d:e6:06:84:43:05:dc:b5:17:5b:8a:ab:5a:c4:
8b:5a:a1:e3:72:80:47:8c:1e:fe:96:0e:e4:28:62:
0c:d9:e6:77:0f:22:5d:a1:56:cd:d9:6d:2f:c6:85:
4a:2e:2c:0c:3c:8c:bf:d4:fa:f6:94:15:6f:ad:32:
37:20:20:5e:8d:2d:9e:69:3e:83:3b:e5:da:fd:94:
8f:68:86:e6:fa:4e:9f:e4:a6:2f:45:17:ea:36:e1:
99:7a:a2:a6:16:4a:85:89:55:06:a9:36:e5:47:f0:
50:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7F:C8:E1:11:28:C5:C5:A3:D2:EB:E8:52:B7:D4:84:38:F7:E6:A1
X509v3 Authority Key Identifier:
keyid:75:09:F2:0E:19:FE:A6:A7:9E:68:AD:22:8B:DB:85:CC:9D:F9:3A:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQnyDhn-pqeeaK0ii9uFzJ35Ork.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/023f71-fa9b-48ec-b838-043ba4418ce9/1/vX_I4REoxcWj0uvoUrfUhDj35qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/023f71-fa9b-48ec-b838-043ba4418ce9/1/dQnyDhn-pqeeaK0ii9uFzJ35Ork.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.10.193.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:0a:34:63:68:7c:fe:d3:bb:34:13:6d:b3:08:4d:1d:9e:cc:
d7:51:c2:4f:33:3c:a1:d6:6a:03:f9:03:ea:3d:09:c0:6a:00:
14:29:99:4d:9d:8e:71:fa:9b:24:06:37:4c:70:cd:21:13:86:
b0:b3:2c:e2:e9:f8:45:79:45:48:64:14:e7:92:a1:ca:70:c6:
0c:19:7e:61:17:72:f9:86:ef:7c:26:4f:e2:23:4e:d5:b5:f3:
1e:03:9e:e2:3d:2e:19:98:69:54:73:c9:42:40:57:47:e7:4e:
f4:41:68:f5:52:34:4d:04:64:4a:ea:16:1d:7d:8c:7b:3b:dc:
73:7b:76:21:d7:00:d0:8b:29:a2:f2:17:63:71:75:27:c0:9c:
e3:21:d8:24:45:b1:7f:e4:43:64:a0:12:d0:94:ea:ef:6f:4b:
21:c4:03:5b:71:dd:53:57:8f:1a:0f:af:c8:29:8a:37:70:86:
14:9d:29:b5:1e:3e:2d:ff:a6:2a:f5:1b:16:a3:fa:3a:cf:0a:
32:2e:c6:72:60:66:b8:5d:2a:5a:ae:3e:24:6e:d7:65:99:b0:
ef:c9:a2:2e:ac:6a:e7:c9:cb:b4:31:14:b1:57:d3:10:db:cd:
ea:c4:79:40:d1:db:3b:a8:cb:48:ca:e0:46:b4:22:6b:9e:ce:
f0:a1:af:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtywiZVoX+etO+kY/PXzfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDlmMjBlMTlmZWE2YTc5ZTY4YWQyMjhiZGI4NWNjOWRm
OTNhYjkwHhcNMjMwMTAxMTQ0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdmYzhlMTExMjhjNWM1YTNkMmViZTg1MmI3ZDQ4NDM4ZjdlNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM/9bDoelRQ62v05ZU7CGdv5Yz+D
gEwZbyiitxwO4ygmpdj5/l6HdFKHtSeyDkN7YF0RDPyrWCG2XkNdz+MksNKnNI3Q
UL6XR2uRu/KL0Soef9VTNcUksFlk9ZW4SmQBxSEfBVtlhuvewzXOkvN7w8YWiG3a
kS35lrDuTgBMGT+NfwAYuuZT7wyLaDdRBQvOOt7SGDKuTeYGhEMF3LUXW4qrWsSL
WqHjcoBHjB7+lg7kKGIM2eZ3DyJdoVbN2W0vxoVKLiwMPIy/1Pr2lBVvrTI3ICBe
jS2eaT6DO+Xa/ZSPaIbm+k6f5KYvRRfqNuGZeqKmFkqFiVUGqTblR/BQlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1/yOERKMXFo9Lr6FK31IQ49+ahMB8GA1UdIwQY
MBaAFHUJ8g4Z/qannmitIovbhcyd+Tq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFueURobi1wcWVlYUswaWk5dUZ6SjM1T3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8wMjNmNzEtZmE5Yi00OGVjLWI4Mzgt
MDQzYmE0NDE4Y2U5LzEvdlhfSTRSRW94Y1dqMHV2b1VyZlVoRGozNXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8wMjNmNzEtZmE5Yi00OGVjLWI4MzgtMDQzYmE0NDE4Y2U5
LzEvZFFueURobi1wcWVlYUswaWk5dUZ6SjM1T3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrBMA0G
CSqGSIb3DQEBCwUAA4IBAQAMCjRjaHz+07s0E22zCE0dnszXUcJPMzyh1moD+QPq
PQnAagAUKZlNnY5x+pskBjdMcM0hE4awsyzi6fhFeUVIZBTnkqHKcMYMGX5hF3L5
hu98Jk/iI07VtfMeA57iPS4ZmGlUc8lCQFdH5070QWj1UjRNBGRK6hYdfYx7O9xz
e3Yh1wDQiymi8hdjcXUnwJzjIdgkRbF/5ENkoBLQlOrvb0shxANbcd1TV48aD6/I
KYo3cIYUnSm1Hj4t/6Yq9RsWo/o6zwoyLsZyYGa4XSparj4kbtdlmbDvyaIurGrn
ycu0MRSxV9MQ283qxHlA0ds7qMtIyuBGtCJrns7woa+T
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:35:56 2025 by rpki-client